Webster in The Oldie

Contact Webster...

Newsletter - sign up here

Ask Webster

Search Webster

Webster's pieces from The Oldie

Webster's Webwatch

The war on the internet

December 2022

You might think that if two countries are at war, the fighting would always be pretty obvious. Horrors like bombs, armoured cars breaching national borders and so on are not hard to spot.

However, this is not the case online, and it’s become clear that plenty of online guerrilla warfare takes place, and virtual armies are being raised which don’t even have to cross borders to engage the enemy.

The key to this is, inevitably, the internet.

Online cyberwars are not new, but activity has stepped up since the Russians invaded Ukraine. At their most visible, these attacks often use a technique called a Distributed Denial of Service (DDoS). This involves overloading a website with a huge flood of simultaneous requests to look at the same page. All websites have this Achilles heel: they can only handle a certain number of viewers at any one time; if that is exceeded, the website collapses or grinds to a halt.

It’s a blunt but effective weapon, and whilst there are more subtle means of attack (spyware, viruses and the like) the DDoS is one of the easiest to arrange, provided that you can simultaneously mobilise thousands of computers all over the internet, which is not as hard as you might think.

In Russia there is an online group called Killnet, which co-ordinates pro-Russian computer users and seems to have well over 100,000 members. It doesn’t claim Russian government support, but it certainly supports the Russian government. It arranges and encourages attacks on Ukrainian websites, and those of any other country that it deems to be working with Ukraine or against Russia. In June 2022 it declared ’war’ on ten nations (including the UK), and since then has been actively supporting attacking the websites of governments and key business sectors in each of them.

For example, in June, Lithuania blocked coal and metal being moved through the country to Russia. Ten days later, more than one hundred Lithuanian government websites were subjected to a DDoS, coordinated by Killnet.

Norway has reported similar attacks; in fact, all NATO countries have probably had their fair share. We know this because Killnet boasts about its efforts and has raised what they impertinently call a ‘Legion’ named the Cyber Special Forces RF (Russian Federation), which is made up of thousands of volunteers who perform DDoS attacks on demand and are provided with the knowhow by Killnet.

Of course, it would be naïve to assume that there is no similar activity taking place in the other direction; indeed, the IT Army of Ukraine was formed in February, perhaps the world’s first official government supported band of volunteers who operate in much the same way as Killnet but with Russian targets in their sights.

I find this invisible combat rather unsettling; give me an enemy I can see, please.

However, I should not despair. Protection from DDoS attacks is big business, as you might imagine, and is becoming ever more sophisticated. What’s more, large industrial and public sector organisations have finally begun applying enough money to their cyber defences; it always used to be a bit of an afterthought but is now central to all planning. So it should be.

It may also reassure you to learn that all three services (Royal Navy, Army and RAF) together with services from other countries, take part in an annual exercise to test their skills in stopping potential cyber attacks of the UK, and reacting to those they can’t stop. NATO has run similar training for years.

Surely it can only be a matter of time before there is a regiment devoted to this kind of thing. Perhaps His Majesty’s Cyber Guards, known colloquially as ‘The King’s Keyboards’.

They may be our very first line of defence.

All content on www.webstersblog.co.uk is licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported License.